bugzilla-daemon at mindrot.org
2014-Nov-15 02:39 UTC
[Bug 2318] New: ControlPath collisions when using shared locations like /tmp for the sockets.
https://bugzilla.mindrot.org/show_bug.cgi?id=2318
Bug ID: 2318
Summary: ControlPath collisions when using shared locations like /tmp for the sockets.
Product: Portable OpenSSH
Version: 6.7p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: calestyo at scientia.net
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2014-Nov-15 02:44 UTC
[Bug 2318] ControlPath name collisions when using shared locations like /tmp for the sockets.
https://bugzilla.mindrot.org/show_bug.cgi?id=2318
Christoph Anton Mitterer <calestyo at scientia.net> changed:
What    |Removed                      |Added
----------------------------------------------------------------------------
Summary |ControlPath collisions when  |ControlPath name collisions
        |using shared locations like  |when using shared locations
        |/tmp for the sockets.        |like /tmp for the sockets.
--- Comment #1 from Christoph Anton Mitterer <calestyo at scientia.net> ---
(Sorry, hit enter too fast)
This issue is from [0], see also bug #2311.
If a shared location like /tmp would be used for the ControlPath
setting of ssh, the following issues may arise:
1) %C (the hash over local host, remote user, hostname, port) alone,
may lead to collisions, since local host, remote user, hostname, port
are not alone to generate unique names.
The local user name should be added to %C.
2) The manpage section which tells people which data they should use at
least to prevent collisions should be adapted as well, to also include
%u (i.e. the local user name).
Cheers,
Chris.
[0]
https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-November/033140.html
bugzilla-daemon at mindrot.org
2014-Dec-11 04:12 UTC
[Bug 2318] ControlPath name collisions when using shared locations like /tmp for the sockets.
https://bugzilla.mindrot.org/show_bug.cgi?id=2318
Damien Miller <djm at mindrot.org> changed:
What       |Removed |Added
----------------------------------------------------------------------------
Status     |NEW     |RESOLVED
CC         |        |djm at mindrot.org
Resolution |---     |WONTFIX
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Like the manual now recommends, don't use shared directories for mux
sockets.
If you do use shared directories and are happy to accept that
particular risk, then it is up to you to make the path unique. You can
add %u to the path explicitly very easily.
I don't see a compelling reason to change this.
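The collision reported in comment #1 and the %u workaround from comment #2, as an added example that is not part of the original thread or of OpenSSH. It models %C as a SHA-1 hex digest over the four inputs the report lists (the digest choice is an assumption of this sketch); the user names, host names, the /home/<user> layout and the list of shared directories are constructed for illustration.

```python
import hashlib

SHARED_DIRS = ("/tmp/", "/var/tmp/", "/dev/shm/")        # assumed shared locations
SAMPLE = ("laptop", "server.example.org", 22, "deploy")  # constructed connection

def percent_c(local_host, host, port, remote_user):
    """Model of %C: hash over local host, hostname, port and remote user.
    SHA-1 is an assumption here. The local user name is not an input."""
    data = f"{local_host}{host}{port}{remote_user}".encode()
    return hashlib.sha1(data).hexdigest()

def expand(template, local_user, local_host, host, port, remote_user):
    """Expand only the tokens discussed in this thread: %C, %u and %%."""
    if template.startswith("~/"):  # assumed home directory layout
        template = f"/home/{local_user}" + template[1:]
    tokens = {"C": percent_c(local_host, host, port, remote_user),
              "u": local_user, "%": "%"}
    out, i = [], 0
    while i < len(template):
        if template[i] == "%" and i + 1 < len(template) and template[i + 1] in tokens:
            out.append(tokens[template[i + 1]])
            i += 2
        else:
            out.append(template[i])
            i += 1
    return "".join(out)

def collides(template, conn, user_a="alice", user_b="bob"):
    """True if two local users on the same machine get the same socket path."""
    return expand(template, user_a, *conn) == expand(template, user_b, *conn)

def audit(template):
    """Classify a ControlPath template against the advice in comment #2."""
    shared = template.startswith(SHARED_DIRS)
    if shared and collides(template, SAMPLE):
        return "collision: shared directory and the name ignores the local user"
    if shared:
        return "unique name, but the socket still lives in a shared directory"
    return "ok"

if __name__ == "__main__":
    for t in ("/tmp/ssh-%C", "/tmp/ssh-%u-%C", "~/.ssh/cm-%C"):
        print(f"{t:18} {audit(t)}")
```
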
bugzilla-daemon at mindrot.org
2014-Dec-12 02:28 UTC
[Bug 2318] ControlPath name collisions when using shared locations like /tmp for the sockets.
https://bugzilla.mindrot.org/show_bug.cgi?id=2318
--- Comment #3 from Christoph Anton Mitterer <calestyo at scientia.net> ---
(In reply to Damien Miller from comment #2)
> I don't see a compelling reason to change this.
Because it's a better and cleaner way of handling it, for those people
who do want to use shared locations, and likely is trivial or doesn't
require much work?
Apart from that,... same argumentation with the bug #2311 - since
closing that one is a mistake, closing this one is either.
bugzilla-daemon at bugzilla.mindrot.org
2016-Aug-02 00:42 UTC
[Bug 2318] ControlPath name collisions when using shared locations like /tmp for the sockets.
https://bugzilla.mindrot.org/show_bug.cgi?id=2318
Damien Miller <djm at mindrot.org> changed:
What   |Removed  |Added
----------------------------------------------------------------------------
Status |RESOLVED |CLOSED
--- Comment #4 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after 7.3p1 release